mirror of
https://github.com/Mailu/Mailu.git
synced 2024-12-12 10:45:38 +02:00
0839490beb
2479: Rework the anti-spoofing rule r=mergify[bot] a=nextgens ## What type of PR? Feature ## What does this PR do? We shouldn't assume that Mailu is the only MTA allowed to send emails on behalf of the domains it hosts. We should also ensure that it's non-trivial for email-spoofing of hosted domains to happen Previously we were preventing any spoofing of the envelope from; Now we are preventing spoofing of both the envelope from and the header from unless some form of authentication passes (is a RELAYHOST, SPF, DKIM, ARC) ### Related issue(s) - close #2475 ## Prerequisites Before we can consider review and merge, please make sure the following list is done and checked. If an entry in not applicable, you can check it or remove it from the list. - [x] In case of feature or enhancement: documentation updated accordingly - [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. Co-authored-by: Florent Daigniere <nextgens@freenetproject.org> |
||
---|---|---|
.. | ||
conf | ||
Dockerfile | ||
start.py |